Since 2004, a source for ranting, reviews and InfoSec news

Menu

Zscaler protects against IE Zero Day

On Tuesday, as seems to be the custom, Microsoft released patches and announced a new zero day in Internet Explorer. MSKB 981374 is a remote code execution in IE6 and IE7. Who know that being on IE5 could ever be a good thing.
The KB says Microsoft released details to venders in their Microsoft Active Protections Program (MAPP) and Microsoft Security Response Alliance (MSRA) programs in order to provide protection to customers.
Within one hour Zscaler had protection in place for its customers. Zscaler offers web security company in a SaaS model. I would see them competing with Scansafe, Purewire and MessageLabs as well as any company trying to get you to put security appliances on your network for web security (bluecoat). Strangely, I didn’t get email from any of those venders bragging they are protecting their customers against this zero day. If they were protecting their customers would there be any reason not to use it for PR? Its not like they are making a Oracle Unbreakable (or was that Apple Unbreakable) claim.

Thanks for stopping by. I do appreciate it.
If you have a antimalware product that does exactly what its supposed to be doing that would be quite rare indeed.
My evals last fall/winter of SaaS web products shows there is still a lot left to be desired in the area of protection. I want my security products to be 100%. Not merely an illusion of security.

I would be very wary about making your SaaS choice simply on the basis of bleeding edge features. Scansafe is probably lightyears ahead of ZScaler on both capacity and robustness. For one ZScaler do not have redundancy in their offerings so when their 1u box goes down your service goes with it. End of story.

actually being able to stop malware is hardly a bleeding edge feature.

I would argue that companies like Fireeye are coming into existance because we aren’t getting what we paid for from web security venders.

At the time of that post, nearly two years ago, Scansafe was developing quite the reputation for latency. I would hope the purchase by Cisco allowed them the resources to process the traffic being thrown at it.

If your claim that they merely have a 1u at each location, that would be quite damning.